Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 25, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
226541	3.5	注意	IBM	-	複数の IBM 製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3322	2013-02-21 18:21	2012-02-15	Show	GitHub Exploit DB Packet Storm

226542	6.5	警告	IBM	-	IBM SmartCloud Control Desk におけるアクセス制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3321	2013-02-21 18:21	2012-02-15	Show	GitHub Exploit DB Packet Storm

226543	3.5	注意	IBM	-	複数の IBM 製品の TPAE におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3316	2013-02-21 18:20	2012-02-15	Show	GitHub Exploit DB Packet Storm

226544	7.5	危険	IBM	-	IBM SAN Volume Controller および Storwize の管理 GUI における認証を回避される脆弱性	CWE-287 不適切な認証	CVE-2012-6354	2013-02-21 18:20	2013-02-5	Show	GitHub Exploit DB Packet Storm

226545	5	警告	シスコシステムズ	-	Cisco Unity Connection におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-1129	2013-02-21 16:41	2013-02-15	Show	GitHub Exploit DB Packet Storm

226546	6.8	警告	シスコシステムズ	-	複数の Cisco 製品のコマンドラインインターフェイスにおける root 権限を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2013-1125	2013-02-21 16:40	2013-02-15	Show	GitHub Exploit DB Packet Storm

226547	2.6	注意	コンクリートファイブ	-	concrete5 におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5181	2013-02-20 16:01	2012-12-21	Show	GitHub Exploit DB Packet Storm

226548	7.2	危険	マイクロソフト	-	Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0008	2013-02-20 14:31	2013-01-8	Show	GitHub Exploit DB Packet Storm

226549	7.5	危険	Google	-	Linux 上で稼働する Google Chrome における脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0838	2013-02-20 13:41	2013-01-10	Show	GitHub Exploit DB Packet Storm

226550	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-0837	2013-02-20 13:40	2013-01-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 26, 2026, 4:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
318231	-		proftpd mandrakesoft debian conectiva	proftpd mandrake_linux debian_linux linux	Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2001-0136	2024-01-27 03:53	2001-03-12	Show	GitHub Exploit DB Packet Storm

318232	5.8	MEDIUM Network	chillcreations	com_ccnewsletter	Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in …	CWE-22 Path Traversal	CVE-2010-0467	2024-01-27 02:44	2010-02-3	Show	GitHub Exploit DB Packet Storm

318233	9.8	CRITICAL Network	debian canonical	lintian debian_linux ubuntu_linux	Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive i…	CWE-22 Path Traversal	CVE-2009-4013	2024-01-27 02:44	2010-02-3	Show	GitHub Exploit DB Packet Storm

318234	7.5	HIGH Network	ibm	websphere_application_server	IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.	CWE-178 Improper Handling of Case Sensitivity	CVE-2000-0497	2024-01-27 02:43	2000-06-8	Show	GitHub Exploit DB Packet Storm

318235	7.5	HIGH Network	unify	ewave_servletexec	Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.	CWE-178 Improper Handling of Case Sensitivity	CVE-2000-0498	2024-01-27 02:43	2000-06-8	Show	GitHub Exploit DB Packet Storm

318236	7.5	HIGH Network	bea	weblogic_server	The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.	CWE-178 Improper Handling of Case Sensitivity	CVE-2000-0499	2024-01-27 02:43	2000-06-8	Show	GitHub Exploit DB Packet Storm

318237	7.1	HIGH Local	iss	blackice_server_protection blackice_pc_protection	BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a …	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2004-1714	2024-01-27 02:21	2004-08-11	Show	GitHub Exploit DB Packet Storm

318238	7.0	HIGH Local	symantec	antivirus_scan_engine	The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUp…	CWE-59 Link Following	CVE-2004-0217	2024-01-27 02:21	2004-04-15	Show	GitHub Exploit DB Packet Storm

318239	5.5	MEDIUM Local	mgetty_project	mgetty	faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.	CWE-59 Link Following	CVE-2003-0517	2024-01-27 02:20	2003-08-18	Show	GitHub Exploit DB Packet Storm

318240	7.8	HIGH Local	ibm	u2_universe	cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.	CWE-59 Link Following	CVE-2003-0578	2024-01-27 02:19	2003-08-18	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed